How to enable VPC access for AWS CodeBuild/Code Pipeline?

Question

How to enable VPC access for AWS CodeBuild/Code Pipeline?

I am working on the Neptune database and it requires VPC to access. While building code inside AWS CodeBuild. My tests are failing because it's not able to access the Neptune database. How can I configure the pipeline to allow CodeBuild to access the VPC?

Answer 1

Select environments from your CodeBuild project settings and in the advanced setting section you can select VPC, subnet and security group for your project.

For Subnets, choose a private subnet that has routes to your db. If internet access required, NAT gateway must be attached in the route table of private subnet. CodeBuild only works with Nat not with public subnet for internet access.

Answer 2

This AWS Documentation guide will help you to configure your Code Build Project with your VPC.

But I am sure, you must have gone through it. Please share the error as well.

Link

Answer 3

Be sure you have enabled AWS IAM authentication on your Neptune database config. You then need to allow the role you are running CodeBuild under to access that Neptune database. you will then be able to access it. Assuming it is an IAM error, please post more information if this is not the case. You will need to ensure the role you run as has the correct permissions to query Neptune.

There are detailed documents here on how to do this.

You can assign a managed policy to your role the following are available

1. NeptuneReadOnlyAccess
2. NeptuneFullAccess
3. NuptuneConsoleFullAccess <-- not really applicable to a CI process.